Stars
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
A Python module for common interactive command line user interfaces
Automatic SSRF fuzzer and exploitation tool
Important notes for OSWE exam preparation. Challenges faced during OSWE exam preparation.
grep rough audit - source code auditing tool
🎯 SQL Injection Payload List
Becoming the spider, crawling through the webs to catch the fly.
PHP Static Analysis Tool - discover bugs in your code without running it!
phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code
Collection of scripts and resources for DevSecOps and Automated Incident Response Security
SSRF plugin for Burp. Automates SSRF detection in all of the requests
This repository contains example scripts and sets of rules for the AWS WAF service. Please be aware that the applicability of these examples to specific workloads may vary.
A project security/vulnerability/risk scanning tool
Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-ups categorized by the nature of the bug
The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.
Sudomy is a subdomain enumeration tool to collect subdomains and analyze domains, performing automated reconnaissance (recon) for bug hunting / pentesting
All about bug bounty (bypasses, payloads, etc.)
Burp Bounty (Scan Check Builder in BApp Store) is an extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules thro…
An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects